3 things that will change the world today

Send me interesting reports, magazines, promotions and exclusive content from the Verdict group

You are in control of the communications you receive from us and you can update your preferences anytime to make sure you are receiving information that matters to you.
Please check our Verdict Privacy Policy to see how we protect and manage your submitted data.

The president of workforce solutions Rodolfo Ploder also sold stock worth $250,458.

Ines Gutzmer, head of corporate communications for Equifax, insisted that the three executives “had no knowledge that an intrusion had occurred at the time they sold their shares”.

Between mid-May and the end of July, cyber-criminals had access to the data of some of the company’s US, UK and Canadian customers.

The hackers were able to wade through personal information including birth dates, addresses, Social Security and credit card numbers by exploiting a “website application vulnerability”, Equifax said.

The company’s chairman and CEO Richard Smith said:

This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.

For now, Equifax has said it will work with regulators in the US, UK and Canada to deal with the consequences of the breach.

The company is also offering affected customers free credit monitoring and identity theft protection for a year.

3 Things That Will Change the World Today

Get the Verdict morning email

Companies like Equifax are supposed to be the bastions of customer data. Yet, as has worryingly become commonplace today, businesses are continuing to neglect how they protect customer data — and even their own data. Recent research we conducted found that 86 percent of systems administrators within major enterprises — those people that hold the keys to an organisation’s kingdom — are using basic password authentication to protect data.

Etienne Greeff, the co-founder of cybersecurity firm SecureData, agrees that Equifax failed to protect its customers, adding that the company is not doing enough to manage the consequences of the breach.

Today’s news on the hack against credit reporting firm Equifax is a textbook example of how not to handle a data breach effectively. Over half the population of America was put at risk, not to mention the vast number of credit cards that were compromised. Yet, despite the severe and far-reaching repercussions of the incident on customers, the reaction from the company has been lacklustre and worrying.

Verdict takes a look at some of the other companies and organisations which have fallen victim to big data hacks.

1. Yahoo

Yahoo was targeted in at least two separate cyber attacks in 2013 and 2014 that affected more than 1bn of its users’ accounts throughout the world.

“An unauthorised party” broke into the accounts, Yahoo said in a statement posted on its website at the time in what were “state-sponsored” attacks.

The hackers used “forged cookies” — bits of code that stay in the user’s browser cache so that a website doesn’t require a login with every visit, according to Bob Lord, Yahoo’s chief information security officer.

2. Friend Finder Networks

In November 2016, adult dating and pornography site company Friend Finder Networks was hacked, exposing more than 412m accounts, making it one of the largest data breaches in history.

Among the leaked account details were 78,301 US military email addresses, 5,650 US government email addresses and over 96m Hotmail accounts.

3. Anthem Inc

In 2015, the health insurer Anthem Inc suffered a data breach which compromised the social security numbers of about 80m customers.

The hackers accessed the information using “phishing” scam emails that were made to look like they were sent by Anthem, the second-biggest insurer in the US.

In the aftermath of the breach, Anthem president and CEO Joseph Swedish said:

Anthem’s own associates’ personal information — including my own — was accessed during this security breach. We join in your concern and frustration and I assure you that we are working around the clock to do everything we can to further secure your data.

4. Spambot accounts

Last month, more than 700m email addresses, as well as a number of passwords, were leaked because of a misconfigured spambot.

The data was available because the spammers failed to secure one of their servers.

However the damage was contained because the majority of the compromised email addresses were not linked to real accounts.

Many were incorrectly scraped from the web, while others had been the result of guesswork.

5. Deep Root Analytics

In June, nearly every registered American voter was left vulnerable to theft on a public Amazon cloud server by a marketing firm contracted by the Republican National Committee (RNC).